From: "Michael Frank" <mhf@linuxmail.org>
To: Luke-Jr <luke-jr@artcena.com>, swsusp-devel@lists.sourceforge.net
Cc: "Micha Feigin" <michf@post.tau.ac.il>,
"Linux Kernel Mailing List" <linux-kernel@vger.kernel.org>
Subject: Paranoia is fun [Was Re: -nice tree [was Re: [Swsusp-devel] Re: swsusp problems [was Re: Your opinion on the merge?]]]
Date: Sun, 28 Mar 2004 05:01:32 +0800 [thread overview]
Message-ID: <opr5jgous34evsfm@smtp.pacific.net.th> (raw)
In-Reply-To: <200403272003.35410.luke-jr@artcena.com>
This thread mutates fast :)
On Sat, 27 Mar 2004 20:03:35 +0000, Luke-Jr <luke-jr@artcena.com> wrote:
> On Saturday 27 March 2004 07:50 pm, Micha Feigin wrote:
>> If the key is given at resume command line and this is properly
>> forgotten when the resumed kernel kicks in then a user key will also
>> probably be ok.
> The resume command line is usually stored on the same disk as the image in a
> configuration file.
>
... so one really would not want to put the key there.
Each and every shortcut is unsafe as it somwhere has to store the
full key and could be reverse engineered and broken "easily"
relative to breaking the key.
Guess Micha meant to edit the resume command line prior to
boot, which would work at this time.
The only "safe" way is to enter the key when prompted
For references Google for cryptoswap, loop-aes, cryptoapi
Also resuming kernel md5 checksum should flow into the key to
prevent some schlaphut replacing the kernel. (I know that
it would be hard to make addresses match, but still easier
than breaking the key). So, this is really important.
It was discussed to pass the resume command line on to the
resumed kernel for config, in which case the key should be
stripped prior to doing so.
Michael
P.S.
I say "safe" because it is safe only as long as noone can observe
key entry or touch the machine to install a (keyboard) bug...
BTW, When did we look last into our keyboards and are we
sure there are no spare chips (bugs) planted in our machines ;)
Well, perhaps we need linux computers implanted into our teeth
so that we can be "more" safe. The key could be transmitted
by tongue using (morse) code however (unauthorized) third party
objects must be prevented from entering the mouth to prevent spying.
Well, should I mention what could be hidden _on_ those bloody chips.
Have a nice day.
next prev parent reply other threads:[~2004-03-27 21:07 UTC|newest]
Thread overview: 80+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <1079659165.15559.34.camel@calvin.wpcb.org.au>
[not found] ` <20040318193703.4c02f7f5.akpm@osdl.org>
[not found] ` <1079661410.15557.38.camel@calvin.wpcb.org.au>
[not found] ` <20040318200513.287ebcf0.akpm@osdl.org>
[not found] ` <1079664318.15559.41.camel@calvin.wpcb.org.au>
2004-03-21 22:00 ` swsusp problems [was Re: Your opinion on the merge?] Pavel Machek
2004-03-22 0:29 ` Pavel Machek
2004-03-22 20:55 ` Nigel Cunningham
2004-03-22 23:17 ` Pavel Machek
2004-03-23 9:53 ` [Swsusp-devel] " Jonathan Sambrook
2004-03-23 15:25 ` Micha Feigin
2004-03-23 21:47 ` Pavel Machek
2004-03-23 21:08 ` Nigel Cunningham
2004-03-23 22:17 ` Pavel Machek
2004-03-23 22:38 ` Nigel Cunningham
2004-03-23 23:07 ` Michael Frank
2004-03-23 23:17 ` Pavel Machek
2004-03-23 22:36 ` Nigel Cunningham
2004-03-23 23:45 ` Dumitru Ciobarcianu
2004-03-23 22:52 ` Nigel Cunningham
2004-03-24 0:05 ` Joel Jaeggli
2004-03-23 23:10 ` Nigel Cunningham
2004-03-23 22:43 ` Dmitry Torokhov
2004-03-23 23:32 ` Pavel Machek
2004-03-23 22:40 ` Nigel Cunningham
2004-03-23 23:44 ` Pavel Machek
2004-03-24 3:12 ` Michael Frank
2004-03-24 10:17 ` Pavel Machek
2004-03-24 22:46 ` Michael Frank
2004-03-24 23:23 ` Pavel Machek
2004-03-24 23:56 ` Michael Frank
2004-03-25 0:23 ` -nice tree [was Re: [Swsusp-devel] Re: swsusp problems [was Re: Your opinion on the merge?]] Pavel Machek
2004-03-25 0:50 ` Michael Frank
2004-03-25 1:41 ` Pavel Machek
[not found] ` <200403250857.08920.matthias.wieser@hiasl.net>
2004-03-25 20:39 ` Nigel Cunningham
2004-03-25 22:27 ` Pavel Machek
2004-03-25 21:38 ` Nigel Cunningham
2004-03-25 22:54 ` Pavel Machek
2004-03-26 5:59 ` Michael Frank
2004-03-26 10:50 ` Pavel Machek
2004-03-26 13:17 ` Michael Frank
2004-03-27 14:49 ` Jamie Lokier
2004-03-29 12:10 ` fast compressed fs (was Re: -nice tree) Pavel Machek
2004-03-26 5:59 ` -nice tree [was Re: [Swsusp-devel] Re: swsusp problems [was Re: Your opinion on the merge?]] Michael Frank
2004-03-26 10:22 ` Pavel Machek
2004-03-26 20:30 ` Nigel Cunningham
2004-03-26 22:22 ` Pavel Machek
2004-03-27 2:08 ` Nigel Cunningham
2004-03-27 3:37 ` Luke-Jr
2004-03-27 4:28 ` Micha Feigin
2004-03-27 4:40 ` Luke-Jr
2004-03-27 19:50 ` Micha Feigin
2004-03-27 20:03 ` Luke-Jr
2004-03-27 21:01 ` Michael Frank [this message]
2004-03-27 21:40 ` Paranoia is fun [Was Re: -nice tree [was Re: [Swsusp-devel] Re: swsusp problems [was Re: Your opinion on the merge?]]] Luke-Jr
2004-03-27 21:29 ` -nice tree [was Re: [Swsusp-devel] Re: swsusp problems [was Re: Your opinion on the merge?]] Pavel Machek
2004-03-28 0:27 ` Micha Feigin
2004-03-27 2:21 ` Micha Feigin
2004-03-29 12:13 ` Pavel Machek
2004-03-24 4:52 ` [Swsusp-devel] Re: swsusp problems [was Re: Your opinion on the merge?] Dmitry Torokhov
2004-03-24 5:04 ` Nigel Cunningham
2004-03-24 6:22 ` Michael Frank
2004-03-24 5:46 ` Nigel Cunningham
2004-03-24 7:31 ` Michael Frank
2004-03-24 10:26 ` Pavel Machek
2004-03-25 0:06 ` Jonathan Sambrook
2004-03-24 9:32 ` Karol Kozimor
2004-03-24 14:15 ` Michael Frank
2004-03-25 0:35 ` Karol Kozimor
2004-03-24 5:06 ` sleeping in request function mohanlal jangir
[not found] ` <20040324083313.GG3377@suse.de>
2004-03-25 3:45 ` mohanlal jangir
2004-03-24 10:22 ` [Swsusp-devel] Re: swsusp problems [was Re: Your opinion on the merge?] Pavel Machek
2004-03-24 12:48 ` Dmitry Torokhov
2004-03-24 15:18 ` Pavel Machek
2004-03-24 20:22 ` Jonathan Sambrook
2004-03-24 21:06 ` Michael Frank
2004-03-25 22:13 ` swsusp is not reliable. Face it. [was Re: [Swsusp-devel] Re: swsusp problems] Pavel Machek
2004-03-25 21:33 ` Nigel Cunningham
2004-03-25 22:52 ` Pavel Machek
2004-03-26 5:59 ` Michael Frank
2004-03-26 9:59 ` Pavel Machek
2004-03-26 10:21 ` Michael Frank
2004-03-25 22:08 ` [Swsusp-devel] Re: swsusp problems [was Re: Your opinion on the merge?] Pavel Machek
2004-03-24 22:05 ` Markus Gaugusch
2004-03-24 21:25 ` Nigel Cunningham
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=opr5jgous34evsfm@smtp.pacific.net.th \
--to=mhf@linuxmail.org \
--cc=linux-kernel@vger.kernel.org \
--cc=luke-jr@artcena.com \
--cc=michf@post.tau.ac.il \
--cc=swsusp-devel@lists.sourceforge.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox